General

  • Target

    f35aa7c2e52aa16d3e72c48fa8c48b8fac35a3c19527712a8c152289f0fc2c10

  • Size

    154KB

  • Sample

    221030-vfdj4sagh5

  • MD5

    82a40bf7b71ff47c553bdaf68a9e18c0

  • SHA1

    914e3b83a6b8fc9fd80a66af203560974016441e

  • SHA256

    f35aa7c2e52aa16d3e72c48fa8c48b8fac35a3c19527712a8c152289f0fc2c10

  • SHA512

    016ac6778c5ad9f84753fb78789202882e321c3631f7c0a5b5c227c691153bf338a45903678caa6a53d40f3c6379d5ca9d4524371b4dfaebe388166f11931c44

  • SSDEEP

    3072:8/jyZMP4k8F/v5p+T/fsSY8vZE6t1a+kD:L845F/L+TJDZ/q

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Modifies security service

    • Executes dropped EXE

    • Registers COM server for autorun

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks